Masking a boot sequence by providing a dummy processor

US 7,774,616 B2
Filed: 06/09/2006
Issued: 08/10/2010
Est. Priority Date: 06/09/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A method, in a data processing system having a boot processor and a plurality of non-boot processors, for masking execution of a boot code sequence in the data processing system, comprising:

executing the boot code sequence on the boot processor to thereby boot the data processing system to an operational state;

executing a first masking code sequence on at least one first non-boot processor, of the plurality of non-boot processors, to thereby generate at least one first set of electromagnetic or thermal signatures that approximate an electromagnetic or thermal signature of the execution of the boot code sequence on the boot processor, thereby masking the execution of the boot code sequence on the boot processor;

executing a second masking code sequence on a second non-boot processor, of the plurality of non-boot processors, to thereby generate at least one second set of electromagnetic or thermal signatures that are different from the electromagnetic or thermal signature of the execution of the boot code sequence on the boot processor, thereby making the second non-boot processor appear to be the boot processor; and

randomly selecting the second non-boot processor from the plurality of non-boot processors, wherein the at least one first non-boot processor is all non-boot processors of the plurality of non-boot processors that were not randomly selected to be the second non-boot processor and wherein the second non-boot processor is randomly selected from the plurality of non-boot processors with each power-on reset operation of the data processing system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Masking a boot sequence by providing a dummy processor is provided. One of the processors of a multiprocessor system is chosen to be a boot processor. The other processors of the multiprocessor system execute masking code that generates electromagnetic and/or thermal signatures that mask the electromagnetic and/or thermal signatures of the actual boot processor. The execution of the masking code on the non-boot processors preferably generates electromagnetic and/or thermal signatures that approximate the signatures of the actual boot code execution on the boot processor. One of the non-boot processors is selected to execute masking code that is different from the other masking code sequence to thereby generate an electromagnetic and/or thermal signature that appears to be unique from an external monitoring perspective.

Citations

11 Claims

1. A method, in a data processing system having a boot processor and a plurality of non-boot processors, for masking execution of a boot code sequence in the data processing system, comprising:
- executing the boot code sequence on the boot processor to thereby boot the data processing system to an operational state;
  
  executing a first masking code sequence on at least one first non-boot processor, of the plurality of non-boot processors, to thereby generate at least one first set of electromagnetic or thermal signatures that approximate an electromagnetic or thermal signature of the execution of the boot code sequence on the boot processor, thereby masking the execution of the boot code sequence on the boot processor;
  
  executing a second masking code sequence on a second non-boot processor, of the plurality of non-boot processors, to thereby generate at least one second set of electromagnetic or thermal signatures that are different from the electromagnetic or thermal signature of the execution of the boot code sequence on the boot processor, thereby making the second non-boot processor appear to be the boot processor; and
  
  randomly selecting the second non-boot processor from the plurality of non-boot processors, wherein the at least one first non-boot processor is all non-boot processors of the plurality of non-boot processors that were not randomly selected to be the second non-boot processor and wherein the second non-boot processor is randomly selected from the plurality of non-boot processors with each power-on reset operation of the data processing system.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising:
    - randomly selecting the second masking code sequence from a plurality of masking code sequences.
  - 3. The method of claim 1, further comprising:
    - randomly selecting the boot processor from a plurality of processors, wherein the plurality of processors comprise the boot processor, the at least one first non-boot processor, and the second non-boot processor.
  - 4. The method of claim 1, wherein the data processing system is a heterogeneous multiprocessor system-on-a-chip having a first processor the operates according to a first instruction set and one or more second processors that operate according to a second instruction set different from the first instruction set.

5. A data processing system comprising:
- a boot processor;
  
  a plurality of non-boot processors;
  
  a boot code storage device coupled to the boot processor; and
  
  a masking code storage device coupled to the plurality of non-boot processors, wherein;
  
  a boot code sequence is executed on the boot processor to thereby boot the data processing system to an operational state,a first masking code sequence, from the masking code storage device, is executed on at least one first non-boot processor, of the plurality of non-boot processors, to thereby generate at least one first set of electromagnetic or thermal signatures that approximate an electromagnetic or thermal signature of the execution of the boot code sequence on the boot processor, thereby masking the execution of the boot code sequence on the boot processor,a second masking code sequence, from the masking code storage device, is executed on a second non-boot processor, of the plurality of non-boot processors, to thereby generate at least one second set of electromagnetic or thermal signatures that are different from the electromagnetic or thermal signature of the execution of the boot code sequence on the boot processor, thereby making the second non-boot processor appear to be the boot processor; and
  
  pervasive logic coupled to the boot processor and the plurality of non-boot processors, wherein the pervasive logic randomly selects the second non-boot processor from the plurality of non-boot processors, wherein the at least one first non-boot processor is all non-boot processors of the plurality of non-boot processors that were not randomly selected to be the second non-boot processor and wherein the second non-boot processor is randomly selected from the plurality of non-boot processors with each power-on reset operation of the data processing system.
- View Dependent Claims (6, 7, 8)
- - 6. The system of claim 5, further comprising pervasive logic coupled to the boot processor and the plurality of non-boot processors, wherein the pervasive logic randomly selects the second masking code sequence from a plurality of masking code sequences.
  - 7. The system of claim 5, further comprising pervasive logic coupled to the boot processor and the plurality of non-boot processors, wherein the pervasive logic randomly selects the boot processor from a plurality of processors, wherein the plurality of processors comprise the boot processor and the plurality of non-boot processors.
  - 8. The system of claim 5, wherein the data processing system is a heterogeneous multiprocessor system-on-a-chip having a first processor the operates according to a first instruction set and one or more second processors that operate according to a second instruction set different from the first instruction set.

9. A computer program product comprising a computer useable medium having a computer readable program recorded thereon, wherein the computer readable program, when executed on a data processing system, causes the data processing system to:
- execute a boot code sequence on a boot processor to thereby boot the data processing system to an operational state;
  
  execute a first masking code sequence on at least one first non-boot processor, of the plurality of non-boot processors, to thereby generate at least one first set of electromagnetic or thermal signatures that approximate an electromagnetic or thermal signature of the execution of the boot code sequence on the boot processor, thereby masking the execution of the boot code sequence on the boot processor;
  
  execute a second masking code sequence on a second non-boot processor, of the plurality of non-boot processors, to thereby generate at least one second set of electromagnetic or thermal signatures that are different from the electromagnetic or thermal signature of the execution of the boot code sequence on the boot processor, thereby making the second non-boot processor appear to be the boot processor; and
  
  randomly select the second non-boot processor from a plurality of non-boot processors, wherein the at least one first non-boot processor is all non-boot processors of the plurality of non-boot processors that were not randomly selected to be the second non-boot processor and wherein the second non-boot processor is randomly selected from the plurality of non-boot processors with each power-on reset operation of the data processing system.
- View Dependent Claims (10, 11)
- - 10. The computer program product of claim 9, wherein the computer readable program further causes the data processing system to:
    - randomly select the second masking code sequence from a plurality of masking code sequences.
  - 11. The computer program product of claim 9, wherein the computer readable program further causes the data processing system to:
    - randomly select the boot processor from a plurality of processors, wherein the plurality of processors comprise the boot processor, the at least one first non-boot processor, and the second non-boot processor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Roberts, Steven L., DeMent, Jonathan J., O'Niell, Clark M., Dale, Jason N.
Primary Examiner(s)
Moazzami; Nasser
Assistant Examiner(s)
SHEHNI, GHAZAL B

Application Number

US11/423,312
Publication Number

US 20070288762A1
Time in Patent Office

1,523 Days
Field of Search

713 1- 2, 713/189, 713/300, 726 34- 36
US Class Current

713/189
CPC Class Codes

G06F 21/575   Secure boot

G06F 21/755   with measures against power...

G06F 9/4406   Loading of operating system

H04L 2209/04   Masking or blinding

H04L 2209/08   Randomization, e.g. dummy o...

H04L 9/08   Key distribution or managem...

Masking a boot sequence by providing a dummy processor

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Masking a boot sequence by providing a dummy processor

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links